Commit Graph

8379 Commits

Author SHA1 Message Date
Ankur Pathak c29309d744 Reactive Implementation of AuthorizedClientServiceOAuth2AuthorizedClientManager
ReactiveOAuth2AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager is reactive
version of AuthorizedClientServiceOAuth2AuthorizedClientManager

Fixes: gh-7569
2019-12-10 13:59:51 -05:00
Clement Stoquart 0c47bfb1e3 Remove empty relay state from redirect url 2019-12-10 09:49:54 -08:00
Joe Grandja 24500fa3ca Remove redundant validation for redirect-uri
Fixes gh-7706
2019-12-06 11:55:31 -05:00
Rob Winch 9c991a5430 Start Servlet Authentication Cleanup
Issue gh-7628
2019-12-06 10:52:38 -06:00
Joe Grandja 4d9cee116c Display general error message when WebFlux oauth2Login() fails
Issue gh-5562 gh-6484
2019-12-05 16:54:31 -05:00
Joe Grandja c40a17b4d1 WebFlux oauth2Login() redirects on failed authentication
Fixes gh-5562 gh-6484
2019-12-05 16:50:43 -05:00
Josh Cummings d102cae243
oidcLogin MockMvc Documentation
Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618
2019-12-02 22:49:17 -07:00
Josh Cummings 8c32d5fe48
Add oidcLogin WebFlux Test Support
Fixes: gh-7680
2019-12-02 22:28:24 -07:00
Josh Cummings bb8706977d
Polish DefaultOAuth2AuthorizedClientManager 2019-12-02 16:05:17 -07:00
Eleftheria Stein 55f1c695e1 Include security configuration context in test sample
Fixes: gh-7688
2019-12-02 10:13:24 +01:00
Alexey Nesterov d8d59e97ac Correctly configure authorization requests repository for OAuth2 login
To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and
OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is
correctly configured, but the latter always uses default, WebSession based repository. So authorization code created
before redirect to authorization endpoint will never be found to complete OAuth2 login when custom
ServerAuthorizationRequestRepository is used.

This change also makes OAuth2Client and OAuth2Login authentication converters consistent.

Fixes gh-7675
2019-11-29 12:05:15 -05:00
Joe Grandja 65513f2e3b Polish OAuth2AuthorizedClientArgumentResolver 2019-11-28 09:48:01 -05:00
Joe Grandja 80f256e425 ServerOAuth2AuthorizedClientExchangeFilterFunction works with UnAuthenticatedServerOAuth2AuthorizedClientRepository
Fixes gh-7544
2019-11-28 09:48:01 -05:00
Joe Grandja 07b8aa0b1f DefaultReactiveOAuth2AuthorizedClientManager requires non-null serverWebExchange
Issue gh-7544
2019-11-28 09:48:01 -05:00
Eleftheria Stein b7cb93f671 Fix WebFlux logout disabling
Fixes: gh-7682
2019-11-28 14:40:25 +01:00
Ruslan Stelmachenko c38e57fa42 Fix class and variable names 2019-11-28 09:23:38 +01:00
Ruslan Stelmachenko 8ebc7ca0ea Fix InitializeAuthenticationProviderBeanManagerConfigurer Javadoc 2019-11-28 09:23:38 +01:00
Rob Winch af01fdce7e Fix security.tld 2019-11-27 10:20:00 -06:00
Rob Winch 17449cbf60 Fix next development version 2019-11-27 08:16:23 -06:00
Rob Winch a7871cfce4 Next Development Version 2019-11-27 08:06:16 -06:00
Rob Winch e5932131a9 Next Development Version 2019-11-27 08:05:44 -06:00
Filip Hrisafov 796859333f Log full failed authentication exception in BasicAuthenticationFilter 2019-11-27 14:56:24 +01:00
David Eisner 56f5242595 Fix minor typo. 2019-11-27 09:43:41 +01:00
Josh Cummings b35e18ff31
Add oidcLogin MockMvc Test Support
Fixes gh-7618
2019-11-26 16:12:06 -07:00
Josh Cummings 6ff71d8113
Add OidcUserInfo.Builder
Fixes gh-7593
2019-11-26 16:12:06 -07:00
Josh Cummings c76775159c
Add OidcIdToken.Builder
Fixes gh-7592
2019-11-26 16:12:06 -07:00
Josh Cummings 4954a229d6
Polish oauth2Login Sample Test
Issue: gh-7618
2019-11-26 14:19:14 -07:00
ryenus 42ab6736e1 typo fix: consecutive-word duplications (#7673)
* fix typo: require require

* more typo fix: consecutive-word duplications

Following previously finding, I then used `rg` to find other similar
typos, with false positives manually excluded, using the following
command:

    rg -t asciidoc -Pp '\b(\w+)\s+\1\b'
2019-11-26 18:35:28 +01:00
Rob Winch af47e730a0 Only Hello Spring Security Boot
For those getting started, we really need to send the message of using
Spring Boot.

Fixes gh-7627
2019-11-26 08:38:29 -06:00
Eleftheria Stein c5b36664ce Polish PrincipalSid
Remove reduntant UserDetails check and add tests
2019-11-26 15:09:44 +01:00
杨博 (Yang Bo) ea148d5fee Avoid toString in favor of getName for extract sid
There are some more sophisticated implementations of `getName` in `AbstractAuthenticationToken`  and other `Authentication` classes.
2019-11-26 15:09:44 +01:00
Rob Winch b3d177fc7e Extract HTTPS Documentation
Fixes gh-7626
2019-11-25 15:49:51 -06:00
Josh Cummings 7cbd1665a6
Isolate Jwt Test Support
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
2019-11-22 15:07:05 -07:00
Eleftheria Stein 8a95e5798d Update @MessageMapping to match input/output cardinality 2019-11-22 15:07:38 -06:00
Pim Moerenhout cd0bec48de Fix typo in log message. 2019-11-21 15:55:27 -07:00
Paul Pazderski 0d35194b47 Add sessionFixation Javadoc 2019-11-15 12:17:05 +01:00
Josh Cummings 22ae3eb765
Polish Error-handling Tests
Tests should assert the error message content that Spring Security
controls.

Fixes gh-7647
2019-11-14 16:13:39 -07:00
Adrian Pena ca8877c8c5 Updates javadoc for InitializeUserDetailsBeanManagerConfigurer 2019-11-13 10:34:10 +01:00
Josh Cummings bc2aedac69
Update to nimbus-jose-jwt 7.8.1
Fixes gh-7570
2019-11-11 12:56:29 -07:00
Rafiullah Hamedy 58ca81d500 Make jwks_uri optional for RFC 8414 and Required for OpenID Connect
OpenID Connect Discovery 1.0 expects the OpenId Provider Metadata 
response is expected to return a valid jwks_uri, however, this field is 
optional in the Authorization Server Metadata response as per RFC 8414
specification.

Fixes gh-7512
2019-11-11 10:34:06 -07:00
Rob Winch e1fad001d9 Extract HTTP Response Headers Documentation
Fixes gh-7625
2019-11-07 10:55:40 -06:00
Eleftheria Stein 1188a3bb5f Polish RememberMeConfigurer
Issue: gh-4140
2019-11-07 15:26:59 +01:00
邓超 b13f750646 Retrieve remember-me key from service as fallback
Fixes: gh-4140
2019-11-07 13:55:39 +01:00
LeeHainie 4b4c6e612b Remove unnecessary instantiation in root
Fixes: gh-7635
2019-11-07 10:26:02 +01:00
Kristine Jetzke 97fd3d7c84 Clarify usage of hasAnyRole and hasAnyAuthority 2019-11-07 10:07:42 +01:00
Yanming Zhou 9f6a36444a Add missing schemas 2019-11-06 08:24:20 -06:00
Eddú Meléndez 27aa61b02f Use LocalRSocketServerPort annotation 2019-11-06 10:10:32 +01:00
Drummond Dawson 4f82be7e68 Support URI vars in formLogin and logout MockMvc requests 2019-11-05 09:46:50 +01:00
Rob Winch 8722a4b0d0 Revert "Update to AspectJ 1.9.4"
This reverts commit 90c475e6b8.
2019-11-04 13:10:26 -06:00
Josh Cummings 925bf48ec0
Polish OAuth2ResourceServerConfigurerTests
To confirm that resource server only produces SCOPE_<scope>
authorities by default.

Issue gh-7596
2019-11-04 11:39:54 -07:00